Morning Overview on MSN

Microsoft just confirmed attackers are exploiting an Exchange Server zero-day to silently hijack inboxes — CVE-2026-42897 lets them rewrite emails and steal sessio…

Organizations running Microsoft Exchange Server face an active threat after a zero-day vulnerability was confirmed to allow ...
CRN

Microsoft Security Patches Stanch Windows, Exchange Flaws

Two of the three bulletins were tagged as "critical," including MS06-019, which patches a flaw in Exchange Server, and MS06-020, which involved the third-party product, Adobe's Flash Player. "This ...
ZDNet

Windows, Exchange flaws patched

Microsoft on Tuesday released three security updates, two of which address critical flaws in its Exchange e-mail server and third-party software in Windows. Critical vulnerabilities in Microsoft ...
Neowin

Microsoft rolls out August 2025 security patches for Exchange Server

Earlier today, we reported that Microsoft is tracking a high-severity security flaw in hybrid Exchange Server deployments that enables an attacker who has gained on-prem administrative rights to take ...
ZDNet

Everything you need to know about the Microsoft Exchange Server hack

Update 26.3.2024: While not on the same scale as 2021's Microsoft Exchange Server hack (see below this update), security problems impacting Exchange Server have reemerged. In March 2024's monthly ...
Redmond Magazine

Final Exchange Server 2019 Cumulative Update Released

On Monday, Microsoft released the last major update for Exchange Server 2019. The aging Exchange Server is set to lose support on Oct. 14, 2025. This final update (2025 H1 Cumulative Update (CU15) ...

Microsoft Exchange hacked, Defender broken, BitLocker bypassed

Microsoft's May Patch Tuesday looked quiet. Since then, there's been an unpatched Exchange CVE, three Defender flaws, and a new BitLocker bypass.